Hello Folks, we are having trouble with DNS connectivity between a client and a server connected in different DMZs. It seems that there is a problem with the subnets we are using. The inside network has the supernet 10.10.96.0/19 and there is a static route in the PIX to reach all the hosts on the inside. For some reason the former admin took a subnet of this supernet and assigned it to DMZ2, which is 10.10.105.32/27; this is where the DNS server lives. The DMZ has the IP subnet 10.32.255.0/27 and this is where the DNS client lives.
The problem is that despite having invested a long time in the firewall rules, the problem persists, and I think the problem is related to the subnets, because of this capture I have when I try the communication between them:
%PIX-6-302015: Built inbound UDP connection 45263399 for dmz:10.32.255.15/3902 (10.32.255.15/3902) to inside:10.10.105.49/53 (10.10.105.49/53)
%PIX-6-302015: Built outbound UDP connection 45263400 for dmz2:10.10.105.49/53 (10.10.105.49/53) to inside:10.32.255.15/3902 (10.32.255.15/3902)
Why is the PIX building the connection to the inside instead of to DMZ2?
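As an added example (not part of the original post), the following Python models a longest-prefix-match route lookup over the subnets named above and flags prefixes that overlap across interfaces; the interface names and the two "connected" entries are assumptions, since the PIX routing table itself is not shown.

```python
from ipaddress import ip_address, ip_network

# Route table reconstructed from the post. The connected entries for dmz and
# dmz2 are assumed; only the static 10.10.96.0/19 -> inside route is stated.
ROUTES = [
    ("dmz",    ip_network("10.32.255.0/27"),  "connected"),
    ("dmz2",   ip_network("10.10.105.32/27"), "connected"),
    ("inside", ip_network("10.10.96.0/19"),   "static"),
]

def lookup(dst, routes=ROUTES):
    """Longest-prefix match: return (interface, prefix) for dst, or None."""
    addr = ip_address(dst)
    best = None
    for iface, net, _kind in routes:
        if addr in net and (best is None or net.prefixlen > best[1].prefixlen):
            best = (iface, net)
    return best

def overlaps(routes=ROUTES):
    """Return (more_specific, broader) prefix pairs that sit on different
    interfaces; each such pair gives one destination two candidate egress
    interfaces, which is the situation the post describes."""
    found = []
    for i, (if_a, net_a, _) in enumerate(routes):
        for if_b, net_b, _ in routes[i + 1:]:
            if if_a == if_b:
                continue
            if net_a.subnet_of(net_b) or net_b.subnet_of(net_a):
                specific, broad = sorted((net_a, net_b),
                                         key=lambda n: n.prefixlen, reverse=True)
                found.append((str(specific), str(broad)))
    return found

if __name__ == "__main__":
    for host in ("10.10.105.49", "10.32.255.15"):
        print(host, "->", lookup(host))
    print("overlapping prefixes across interfaces:", overlaps())
```

With this table the DNS server resolves to dmz2 and the client to dmz, whereas the syslog lines show both mapped to inside, so the table the PIX actually holds is worth comparing against this model.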